DataTribe, a global cyber foundry that invests in and co-builds next-generation cybersecurity and data science companies, announced a $2 million seed investment in Vigilant Ops, a leading automation platform for the generation, maintenance, and authenticated sharing of certified Software Bill of Materials (SBOM).
Vigilant Ops, winner of the 6th annual DataTribe Challenge in November, performs continuous vulnerability monitoring and alerting, security patch notifications, and the ability to upload SBOMs — lists of the software libraries embedded in products — from alternate sources.
“Software security is the next domain in cyber, and government policies are increasingly placing significant development regulations that require software manufacturers to be responsible for the cybersecurity of their products,” said Tony Surak, chief marketing officer for DataTribe. “Vigilant Ops is meeting an urgent market need, automating the production of SBOMs to provide a system of record for software buyers to manage SBOMs and bolster resiliency through identifying and mitigating component vulnerabilities.”
Federal government policymakers and regulators are keenly focused on software security and have highlighted SBOMs’ role in creating a secure and resilient software ecosystem.
In 2021, the Biden Administration’s National Security Strategy and Executive Order 14028 required SBOMs from organizations to secure the components of software products used to manage our nation’s most vital interests. In the past two-plus years, SBOM mandates and guidance have been issued by the Federal Drug Administration (FDA), Federal Energy Regulatory Commission (FERC), Cybersecurity Infrastructure Security Agency (CISA), National Security Agency (NSA), and Office of the Director of National Intelligence (ODNI), just to name a few.
Vigilant Ops will use the funding to expand the capabilities of its InSight platform across multiple critical infrastructure industries. Vigilant Ops, which has focused primarily on the healthcare sector, will continue to build a complete inventory of software components recognized by legislation and regulatory requirements to expand into the energy, telecom, manufacturing, information technology, financial services, and communications industries.
“The DataTribe funding, coupled with its foundry model, will enable us to quickly scale our technology and business development operations to meet the software cybersecurity challenges that threaten our national and economic security,” said Ken Zalevsky, Vigilant Ops CEO. “Securing the products that enable the critical infrastructure every citizen and company rely on daily will help unleash the innovative uses of new technologies and services.”
The most recent release of the InSight Platform now includes automated import of various SBOM formats, supporting industry standards like CycloneDX and SPDX. In addition, the vulnerability dispositioning process now enables justification responses, following prescribed industry standards and mitigation scoring, which can be included in Vulnerability Exploitability eXchange (VEX) reports.
SOURCE: Businesswire